Access control device, access control system and access control method using the same

ABSTRACT

The present specification relates to an access control device, an access control system and an access control method using the same. The present specification discloses the access control method performed by a user&#39;s terminal which performs the user&#39;s access authentication, the method comprising, detecting the access control device in the user&#39;s terminal, establishing a communication channel, receiving the identification information from the access control device through the communication channel, checking the target door of the user&#39;s access authentication the based on the received identification information and determining whether or not the user is allowed to access to the target door based on access right information prestored in the user&#39;s terminal, wherein the access right information includes at least one of registered user identification information, registered terminal identification information, registered access control device identification information, access schedule information, and validity period information of the access right information.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims priority to and the benefit of Korean PatentApplication No. 10-2019-0066684, filed on Jun. 5, 2019, the disclosureof which is incorporated herein by reference in its entirety.

BACKGROUND 1. Field of the Invention

The present disclosure relates to an access control device, accesscontrol system and access control method using the same.

2. Discussion of Related Art

An access control system is a system that recognizes and managesvisitors who intend to access a specific space through a door. Accesscontrol systems are being widely used in typical offices and houses aswell as in access-restricted facilities with high security.

A conventional authentication method used in such an access controlsystem includes an authentication method using a magnetic card, a smartcard, a non-contact wireless card, etc., and an authentication methodusing biometric information such as a fingerprint and an iris of avisitor.

In such a conventional authentication method, a visitor may access adoor only after the visitor performs authentication through anauthentication device installed near the door. As described above,authentication needs to be performed through a separate authenticationdevice. Thus, when there are a plurality of visitors, it takes a longtime to perform authentication. In addition, there is an inconveniencein that a user needs to always carry a separate authentication meanssuch as a magnetic card, etc., and also there is a difficulty in that,when such an authentication means is lost, an unauthorized visitor whosteals the separate authentication means can access the door.

Also, in the conventional authentication method, the authentication isperformed only by means of a control server that collectively handlesauthentication devices installed near a door. Thus, it is impossible toaccess the door when communication between the control server and theauthentication devices installed near the door is disconnected or whenthe control server is disabled.

Also, in the conventional authentication method, information for accessauthentication is stored in an authentication device, which may cause aproblem with personal information security.

Recently, in order to solve these problems, efforts are being made toenhance user convenience and also to increase the security of an accesscontrol system.

SUMMARY OF THE INVENTION

The present disclosure is directed to providing an access controldevice, access control system and access control method using the samecapable of increasing its security while increasing user convenience.

Technical problems intended to be solved are not limited to theaforementioned problems, and other technical problems that are notdescribed herein will be clearly understood by those skilled in the artfrom the following description and the accompanying drawings.

According to an aspect of the present disclosure, there may be providedan access control method performed by a terminal of a user whichperforms access authentication of the user for entering a target dooraround the access control device corresponded to the target door, themethod comprising, detecting the access control device in the terminalof the user, establishing a communication channel between the detectedaccess control device and the terminal of the user, receiving theidentification information from the access control device through thecommunication channel, checking the target door of the accessauthentication of the user the based on the received identificationinformation and determining whether or not the user is allowed to accessto the target door based on access right information prestored in theterminal of the user, wherein the access right information includes atleast one of registered user identification information, registeredterminal identification information, registered access control deviceidentification information, access schedule information, and validityperiod information of the access right information.

Technical solutions of the present disclosure are not limited to theaforementioned solutions, and other solutions that are not describedherein will be clearly understood by those skilled in the art from thefollowing description and the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features and advantages of the presentdisclosure will become more apparent to those of ordinary skill in theart by describing in detail exemplary embodiments thereof with referenceto the accompanying drawings, in which:

FIG. 1 is a block diagram of an access control system according to anembodiment of the present disclosure;

FIG. 2 is a block diagram of a server according to an embodiment of thepresent disclosure;

FIG. 3 is a block diagram of a terminal according to an embodiment ofthe present disclosure;

FIG. 4 is a block diagram of an access control device according to anembodiment of the present disclosure;

FIG. 5 is a flowchart of a method for controlling an access controldevice using a user's terminal according to an embodiment of the presentdisclosure;

FIG. 6 is a flowchart of a method for performing access authenticationin a user's terminal according to an embodiment of the presentdisclosure;

FIG. 7 is an exemplary diagram of access right information according toan embodiment of the present disclosure;

FIG. 8 is an exemplary diagram of access right information according toan embodiment of the present disclosure;

FIG. 9 is a surrounding view for an access control method according toan embodiment of the present disclosure;

FIG. 10 is a flowchart of a method for managing an access authenticationresult according to an embodiment of the present disclosure;

FIG. 11 is a flowchart of a method for managing a door opening accordingto an embodiment of the present disclosure;

FIG. 12 is a flowchart of a method for notifying information upon dooraccess according to an embodiment of the present disclosure;

FIG. 13 is a flowchart of a method for managing an access authenticationresult using biometric information according to an embodiment of thepresent disclosure;

FIG. 14 is a flowchart of a method for managing a door opening usingbiometric information according to an embodiment of the presentdisclosure;

FIG. 15 is a surrounding view for a method for changing a setting of anaccess control device according to an embodiment of the presentdisclosure;

FIG. 16 is a flowchart of a method for changing a setting of an accesscontrol device according to an embodiment of the present disclosure; and

FIG. 17 is a flowchart of a method for storing biometric informationacquired by a user's terminal in an access control device according toan embodiment of the present disclosure.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS

The above objects, features, and advantages of the present disclosurewill become more apparent from the following detailed description takenin conjunction with the accompanying drawings. Since the presentdisclosure may be variously modified and have several exemplaryembodiments, specific embodiments will be shown in the accompanyingdrawings and described in detail.

In the figures, the thickness of layers and regions is exaggerated forclarity. Also, when it is mentioned that an element or layer is “on”another element or layer, the element or layer may be formed directly onanother element or layer, or a third element or layer may be interposedtherebetween. Like reference numerals refer to like elements throughoutthe specification. Further, like reference numerals will be used todesignate like elements within the same scope shown in the drawings ofthe embodiments.

Detailed descriptions about well-known functions or configurationsassociated with the present disclosure will be ruled out in order not tounnecessarily obscure subject matters of the present disclosure. Itshould also be noted that, although ordinal numbers (such as first andsecond) are used in the following description, they are used only todistinguish similar elements.

The suffixes “module” and “unit” for elements used in the followingdescription are given or used interchangeably only for facilitation ofpreparing this specification, and thus they are not assigned a specificmeaning or function.

According to an aspect of the present disclosure, there may be providedan access control method performed by a terminal of a user whichperforms access authentication of the user for entering a target dooraround the access control device corresponded to the target door, themethod comprising, detecting the access control device in the terminalof the user, establishing a communication channel between the detectedaccess control device and the terminal of the user, receiving theidentification information from the access control device through thecommunication channel, checking the target door of the accessauthentication of the user the based on the received identificationinformation, and determining whether or not the user is allowed toaccess to the target door based on access right information prestored inthe terminal of the user, wherein the access right information includesat least one of registered user identification information, registeredterminal identification information, registered access control deviceidentification information, access schedule information, and validityperiod information of the access right information.

Also, the access control method may further comprise receiving biometricinformation of the user through the communication channel, wherein thebiometric information of the user is inputted from the user on theaccess control device, and wherein the access right information furtherincludes registered biometric information.

Also, the determining whether or not the user is allowed to access tothe target door may include comparing the received biometric informationof the user with the registered biometric information, and determiningthat the access authentication is successful when biometric informationof the user is matched to one of the registered biometric information.

Also, the registered biometric information may be corresponded to atleast one of registered user identification information, registeredterminal identification information, registered access control deviceidentification information, access schedule information, and validityperiod information of the access right information.

Also, the access right information may further include the accessschedule information corresponded to the registered biometricinformation, and he determining that the access authentication issuccessful when the user's biometric information is matched to one ofthe registered biometric information may include comparing current timewith the access schedule information related to the received biometricinformation of the user of the access right information, and determiningthat the access authentication has failed when the current time is notincluded in access schedule.

Also, the access right information may further include the registeredterminal identification information corresponded to the registeredbiometric information, and wherein the determining that the accessauthentication is successful when biometric information of the user ismatched to one of the registered biometric information may includecomparing identification information of the terminal of the user withthe registered terminal identification information related to thereceived biometric information of the user, and determining that theaccess authentication has failed when the identification information ofthe terminal of the user is not matched to one of the registeredterminal identification information corresponded to the receivedbiometric information of the user.

Also, the access right information may include the registered accesscontrol device identification information, and the determining whetheror not the user is allowed to access to the target door may includecomparing the received identification information with the registeredaccess control device identification information of the access rightinformation, and determining that the access authentication issuccessful when the received identification information is matched toone of the registered access control device identification information.

Also, the registered access control device identification informationmay be corresponded to at least one of the registered useridentification information, the registered terminal identificationinformation, the access schedule information, and the validity periodinformation of the access right information.

Also, the access right information may further include the accessschedule information corresponded to the registered access controldevice identification information, and the determining that the accessauthentication is successful when the received identificationinformation is matched to one of the registered access control deviceidentification information may include comparing current time with theaccess schedule information related to the received identificationinformation of the access right information, and determining that theaccess authentication has failed when the current time is not includedin access schedule.

Also, the access right information may further include the registeredterminal identification information corresponded to the registeredaccess control device identification information, and the determiningthat the access authentication is successful when the receivedidentification information is matched to one of the registered accesscontrol device identification information may include comparingidentification information of the terminal of the user with theregistered terminal identification information related to the receivedidentification information, and determining that the accessauthentication has failed when the identification information of theterminal of the user is not matched to one of the registered terminalidentification information corresponded to the received identificationinformation.

Also, the access right information may include the validity periodinformation of the access right information, and when the access rightinformation has expired, the step of the determining whether or not theuser is allowed to access to the target door may be prevented.

Also, the access control method may further comprise when the accessauthentication is successful, generating a door opening signal, andtransmitting the door opening signal to the access control device, thedoor opening signal forcing the access control device to perform a dooropening operation.

Also, the access right information may be transmitted from a serverwhich manages the access right information related to a plurality ofdoors.

Also, the access control method may further comprise when the step ofthe determining is completed, generating result information of theaccess authentication.

Also, the access control method may further comprise transmitting theresult information of the access authentication to a server whichmanages the result information of the access authentication related to aplurality of users.

Also, the target door may be selected based on a distance between thedetected access control device and the terminal of the user.

Also, the target door may be a door installed the detected accesscontrol having the distance between the detected access control deviceand the terminal of the user shorter than a specific distance.

According to an aspect of the present disclosure, there may be provideda non-transitory computer-readable recording medium having a programrecorded thereon for executing the above method.

According to an aspect of the present disclosure, there may be providedan access control device around a target door corresponded to the accesscontrol device, the device comprising, a communication unit configuredto establish a communication channel between the access control deviceand a terminal of a user and a control unit configured to transmit, viathe communication unit, the identification information of the accesscontrol device for access authentication of the user performed by theterminal of the user based on access right information prestored in theterminal of the user for entering the target door to the terminal of theuser through the communication channel, wherein the access rightinformation includes at least one of registered user identificationinformation, registered terminal identification information, registeredaccess control device identification information, access scheduleinformation, and validity period information of the access rightinformation.

Also, the access control device may further comprise a biometricinformation input unit for receiving biometric information of the user,wherein the control unit may be configured to transmit, via thecommunication unit, the biometric information of the user to theterminal of the user through the communication channel, wherein thebiometric information of the user is inputted from the user on theaccess control device, and wherein the access right information mayfurther include registered biometric information.

According to an aspect of the present disclosure, there may be providedan access control method of an access system in which an access controldevice receives a door opening input from a user and transmits an accessauthentication request signal to a user terminal and in which the userterminal performs access authentication on the user on the basis ofprestored access right information, the access control method includingthe access control device receiving a door opening input from the user;the access control device generating an access authentication requestsignal according to an input signal generated according to the input;the user terminal receiving the access authentication request signalfrom the access control device; and the user terminal performing accessauthentication on the user on the basis of the current time and theaccess right information, wherein the access right information includesaccess schedule information.

Also, the access control method may further include the user terminalcommunicating with a server and receiving a designated message from theserver after the receiving of the access authentication request signal.

Also, the designated message may include an advertising message or anotification message.

Also, the designated message may be a message designated according tothe current time among a plurality of messages.

Also, the performing of the access authentication may include checkingwhether the current time is included in the access schedule informationand determining that the access authentication is successful when thecurrent time is included in the access schedule information.

Also, the access control method may further include the user terminalacquiring identification information from the access control device. Theaccess right information may further include registered access controldevice identification information, and the registered access controldevice identification information may be corresponded to the accessschedule information. The performing of the access authentication mayinclude checking whether the acquired identification information isincluded in the registered access control device identificationinformation corresponded to the access schedule information anddetermining that the access authentication has failed when the acquiredidentification information is not included in the registered accesscontrol device identification information.

Also, the acquiring of the identification information of the accesscontrol device may include receiving the access authentication requestsignal including the identification information of the access controldevice.

Also, the access control method may further include generating the userterminal generating a door opening signal when the access authenticationis successful, after the performing of the access authentication, andthe door opening signal may force the access control device to perform adoor opening operation.

Also, the access control method may further include the user terminaltransmitting the door opening signal to the access control device.

Also, the access control method may further include receiving the accessright information from the server.

Also, the access control method may further include requesting theaccess right information from the server before the receiving of theaccess right information transmitted by the server.

Also, the user terminal may communicate with the access control devicethrough at least one of BLE, Bluetooth, NFC, and WiFi.

According to an aspect of the present disclosure, there may be provideda recording medium having a program recorded thereon for executing theabove-described method.

According to an aspect of the present disclosure, there may be providedan access control device that transmits identification information foruser access authentication to a user terminal that performs user accessauthentication on the basis of access right information, the accesscontrol device including a communication unit configured to communicatewith the user terminal; and a control unit configured to control thecommunication unit to transmit identification information of the accesscontrol device to the user terminal when a signal for startingcommunication is received from the user terminal through thecommunication unit.

Also, the access control device may further include abiometric-information input unit configured to receive the user'sbiometric information, and the control unit may control thecommunication unit to transmit the user's biometric information receivedby the biometric-information input unit to the user terminal.

Also, the control unit may encrypt the biometric information received bythe biometric-information input unit.

Also, the access control device may further include a power unitconfigured to provide power necessary for a door opening operation, andthe control unit may control the power unit to perform the door openingoperation when the door opening signal is received from the userterminal.

According to an aspect of the present disclosure, there may be providedan access control device that receives a door opening input from a userand transmits an access authentication request signal to a userterminal, the access control device including an input unit configuredto receive a door opening input from the user; a communication unitconfigured to communicate with the user terminal; and a control unitconfigured to generate an access authentication request signal andcontrol the communication unit to transmit the access authenticationrequest signal to the user terminal when the door opening input isreceived through the input unit.

Also, the access control device may further include a power unitconfigured to provide power necessary for a door opening operation, andthe control unit may control the power unit to perform the door openingoperation when the door opening signal is received from the userterminal.

Also, the control unit may transmit the identification information ofthe access control device to the user terminal through the communicationunit.

Also, the access authentication request signal may be a signal includingthe identification information of the access control device.

According to an aspect of the present disclosure, there may be provideda setting change method of a user terminal that generates a settingchange signal on the basis of manager information and setting changeinformation which are received from a user and transmits the generatedsetting change signal to an access control device so that the accesscontrol device can perform a setting change, the setting change methodincluding detecting the access control device and establishing acommunication with the access control device; receiving setting changeinformation for a setting change to be performed by the access controldevice; receiving manager information to be transmitted to the accesscontrol device so that the manager information is compared to prestoredmanager information of the access control device; generating the settingchange signal on the basis of the received setting change information;and transmitting the setting change information and the managerinformation to the access control device through wireless communication.

Also, the setting change may include at least one of a communicationinterface setting change of the access control device, a PIN settingchange of the access control device, a setting change for at least oneof a display unit of the access control device and a voice output unitof the access control device, a format change for a card recognized bythe access control device, a firmware update of the access controldevice, and storage of biometric information in the access controldevice.

Also, the setting change may be the storage of the biometric informationin the access control device, and the setting change method may furtherinclude acquiring biometric information to be stored in the accesscontrol device.

Also, the biometric information may include at least one of fingerprintinformation, iris information, vein information, face information, andvoice information.

Also, the acquiring of the biometric information may include receivingthe biometric information from the user.

Also, the acquiring of the biometric information may include receivingthe biometric information from the server.

Also, the setting change method may further include transmitting thebiometric information to the access control device.

Also, the transmitting of the biometric information to the accesscontrol device may include transmitting the setting change signalincluding the biometric information.

Also, the setting change method may further include encrypting thebiometric information.

Also, the manager information may include a manager password.

Also, the transmitting of the manager information to the access controldevice may include transmitting the setting change signal including themanager information.

Also, the wireless communication may include one of BLE, Bluetooth, NFC,and WiFi.

Also, the setting change method may further include receiving resultinformation for the setting change from the access control device.

According to an aspect of the present disclosure, there may be provideda setting change method of an access control device that receives asetting change signal from a user terminal and performs a settingchange, the setting change method including establishing a communicationwith the user terminal; receiving a setting change signal generated bythe user terminal and manager information received by the user terminalfrom the user terminal; determining whether the received managerinformation matches the prestored manager information; and performingthe setting change according to the setting change signal when thereceived manager information matches the prestored manager information.

Also, the setting change may include at least one of a communicationinterface setting change of the access control device, a PIN settingchange of the access control device, a setting change for at least oneof a display unit of the access control device and a voice output unitof the access control device, a format change for a card recognized bythe access control device, a firmware update of the access controldevice, and storage of biometric information in the access controldevice.

Also, the setting change may be the storage of the biometric informationin the access control device, and the setting change method may furtherinclude receiving the biometric information from the user terminal.

Also, the receiving of the biometric information from the user terminalmay include receiving the setting change signal including the biometricinformation.

Also, the setting change method may further include decrypting thebiometric information when the biometric information is encrypted.

Also, the manager information may include a manager password.

Also, the receiving of the received manager information may includereceiving the setting change signal including the received managerinformation.

Also, the wireless communication may include one of BLE, Bluetooth, NFC,and WiFi.

Also, the setting change method may further include transmitting resultinformation for the setting change to the user terminal.

According to an aspect of the present disclosure, there may be provideda recording medium having a program recorded thereon for executing theabove-described method.

According to an aspect of the present disclosure, there may be providedan access control device that receives, from a user terminal, managerinformation and a setting change signal which are generated by the userterminal and that performs a setting change when the received managerinformation matches prestored manager information, the access controldevice including a communication unit configured to communicate with theuser terminal; a storage unit configured to store manager information;and a control unit configured to receive the setting change signal andthe manager information received by the user terminal from the userterminal through the communication unit, check whether the receivedmanager information matches prestored manager information, and perform acontrol such that the setting change is performed according to thesetting change signal when the received manager information matches theprestored manager information.

Also, the setting change may include at least one of a communicationinterface setting change of the access control device, a PIN settingchange of the access control device, a setting change for at least oneof a display unit of the access control device and a voice output unitof the access control device, a format change for a card recognized bythe access control device, a firmware update of the access controldevice, and storage of biometric information in the access controldevice.

Also, the setting change may be the storage of the biometric informationin the access control device, and the control unit may receive thebiometric information from the user terminal through the communicationunit and may perform a control such that the biometric information isstored in the storage unit.

Also, the receiving of the biometric information from the user terminalmay include receiving the setting change signal including the biometricinformation.

Also, when the biometric information received through the communicationunit is encrypted, the control unit may decrypt the biometricinformation.

Also, the manager information may include a manager password.

Also, the receiving of the received manager information may includereceiving the setting change signal including the received managerinformation.

Also, the communication unit may use a wireless communication scheme,which is one of BLE, Bluetooth, NFC, and WiFi.

Also, the control unit may transmit the result information for thesetting change to the user terminal through the communication unit.

An access control system 10000 according to an embodiment of the presentdisclosure will be described below. The access control system may referto a system that manages access such that only a person who hassucceeded in access authentication through a user's terminal 2000 canpass through has an access right to pass through a zone where an accesscontrol device is installed in an environment in which the accesscontrol device is installed. The access control system may be used in anindoor environment such as a fitness center, an office, an institute, orthe like, or may also be used in an outdoor environment in which thereis a restricted area outside a building, such as a military base.

A door may block or allow passage through one zone. A door may include adoor frame and a door leaf. A door frame may be a fixed element thatdefines a zone where passage is to be blocked or allowed. A door leaf isan element having a changing position due to an external force.Depending on the position, a place where passage is blocked or allowedmay be changed. The change in position of the door leaf may have acomprehensive meaning including rotational movement as well as themovement of the entire door leaf. It will be appreciated that a door isnot limited to the above-described examples.

1. System Configuration

FIG. 1 is a block diagram of an access control system 10000 according toan embodiment.

Referring to FIG. 1, the access control system 10000 may include aserver 1000, a terminal 2000, and an access control device 3000. Theserver 1000 may communicate with the user's terminal 2000 to exchangevarious information.

According to an embodiment, the server 1000 may provide informationnecessary for user access authentication to the user's terminal 2000.Also, the server 1000 may acquire access authentication resultinformation from the user's terminal 2000.

The user's terminal 2000 may communicate with the access control device3000 to exchange various information.

For example, the user's terminal 2000 may receive the informationnecessary for access authentication from the access control device 3000.Also, the user's terminal 2000 may transmit data necessary for a dooropening request and/or a setting change request to the access controldevice 3000.

Also, the user's terminal 2000 may provide an application for performingsome embodiments, which will be described below.

Also, the user's terminal 2000 may be implemented with, for example, asmartphone, a tablet, a notebook, a personal digital assistant (PDA), awearable device, etc. Alternatively, the user's terminal 2000 may beimplemented with a smart card, an integrated circuit (IC) card, amagnetic card, a radio frequency (RF) chip, or the like, which iscapable of recording data.

The access control device 3000 may control the opening or closing of adoor.

For example, the access control device 3000 may be installed in a doorto control the locking or unlocking of the door. The access controldevice 3000 is not necessarily installed in a door and may be providedin various forms, depending on the selection. For example, the accesscontrol device 3000 may be installed on a wall adjacent to a door toprovide or withdraw an obstacle to or from the door. Also, when the dooris an automatic door, the access control device 3000 may change thelocation of a door leaf to open or close the door.

However, the block diagram shown in FIG. 1 is just an example forconvenience of description, and the present disclosure is not limitedthereto. According to some embodiments, any element may be added to theblock diagram of FIG. 1, and the elements shown in FIG. 1 may beexcluded or subdivided.

FIG. 2 is a block diagram of the server 1000 according to an embodiment.

Referring to FIG. 2, the server 1000 may include a server communicationunit 1100, a server input unit 1200, a server storage unit 1300, aserver display unit 1400, and a server control unit 1500.

The server communication unit 1100 may communicate with the user'sterminal 2000. For example, the server communication unit 1100 mayreceive a request for the access right information from the user'sterminal 2000. Also, the server communication unit 1100 may transmit theaccess right information to the user's terminal 2000. Also, the servercommunication unit 1100 may receive information regarding a user accessauthentication result from the user's terminal 2000. Also, when theuser's terminal 2000 receives an access authentication request signal,the server communication unit 1100 may communicate with the user'sterminal 2000 to transmit a pre-designated message to the user'sterminal 2000.

As another example, the server communication unit 1100 may transmitbiometric information to be stored in the access control device 3000 tothe user's terminal 2000.

Also, the server communication unit 1100 may include mobilecommunication units such as Bluetooth low energy (BLE), Bluetooth,wireless local area network (WLAN), wireless fidelity (WiFi), WiFiDirect, near field communication (NFC), infrared data association(IrDA), ultra wide band (UWB), Zigbee, 3G, 4G, and 5G and other wired orwireless units capable of transmitting data through variouscommunication standards.

The server input unit 1200 may acquire an electric signal correspondingto a user input. The server input unit 1200 may include a keypad, akeyboard, a switch, a button, and a touchscreen.

The server storage unit 1300 may store various kinds of data.

For example, the server storage unit 1300 may store access rightinformation. Also, the server storage unit 1300 may store user accessauthentication result information acquired from the user's terminal2000. Also, when the user's terminal 2000 receives an accessauthentication request signal, the server storage unit 1300 may store adesignated message to be transmitted to the user's terminal 2000. Also,the server storage unit 1300 may store a program necessary for operationof the server 1000. Also, the server storage unit 1300 may storebiometric information to be stored in the access control device 3000through the user's terminal 2000.

The server storage unit 1300 may include at least one type of storagemedium selected from among a flash memory-type memory, a hard disk-typememory, a multimedia card micro-type memory, a card-type memory (e.g.,an SD or XD memory), a random access memory (RAM), a static randomaccess memory (SRAM), a read-only memory (ROM), an electrically erasableprogrammable read-only memory (EEPROM), a programmable read-only memory(PROM), a magnetic memory, a magnetic disk, and an optical disc. Also,the memory may store information temporarily, permanently, orsemi-permanently and may be provided as a built-in-type orremovable-type memory.

The server display unit 1400 may output visual information.

For example, the server display unit 1400 may be a liquid crystaldisplay (LCD), an organic light-emitting diode (OLED) display, anactive-matrix organic light-emitting diode (AMOLED) device, etc.

The server control unit 1500 may control each element of the server 1000or may process and compute various kinds of information. For example,the server control unit 1500 may transmit access right information tothe user's terminal 2000 through the server communication unit 1100.Also, when the user's terminal 2000 receives an access authenticationrequest signal, the server control unit 1500 may communicate with theuser's terminal 2000 to transmit a pre-designated message to the user'sterminal 2000 through the server communication unit 1100. Also, theserver control unit 1500 may transmit, to the user's terminal 2000, thebiometric information to be stored in the access control device 3000through the server communication unit 1100.

Also, among steps that will be described in the following methods, theserver control unit 1500 may control operations for carrying out somesteps that are performed by the server 1000 or may perform computationsnecessary to carry out the steps.

The server control unit 1500 may be implemented in software, hardware,or a combination thereof. For example, in hardware, the server controlunit 1500 may be implemented with a field-programmable gate array(FPGA), an application-specific integrated circuit (ASIC), asemiconductor chip, and various other types of electronic circuits. Asanother example, in software, the server control unit 1500 may beimplemented with logic programs or various kinds of computer languageswhich are executed according to the above-described hardware.

The server 1000 does not necessarily have to include all of theabove-described elements, and some of the elements may be excludeddepending on the selection. For example, when the server 1000 does notprovide direct visual information, the server display unit 1400 may beexcluded from the server 1000. Also, depending on the selection, anelement for performing an additional function or operation may beselectively provided to the server 1000.

FIG. 3 is a block diagram of the terminal 2000 according to anembodiment.

Referring to FIG. 3, the terminal 2000 may include a terminalcommunication unit 2100, a terminal display unit 2200, a terminal inputunit 2300, a terminal location information collection unit 2400, aterminal storage unit 2500, a terminal control unit 2600, and a terminalbiometric-information input unit 2700.

The terminal communication unit 2100 may communicate with the server1000.

For example, the terminal communication unit 2100 may request accessright information from the server 1000. Also, the terminal communicationunit 2100 may receive the access right information from the server 1000.Also, the terminal communication unit 2100 may transmit informationregarding a user access authentication result to the server 1000. Also,when the terminal communication unit 2100 receives an accessauthentication request signal, the terminal communication unit 2100 maycommunicate with the user's terminal 2000 to receive a pre-designatedmessage from the server 1000.

As another example, the terminal communication unit 2100 may receivebiometric information to be stored in the access control device 3000from the server 1000.

Also, the terminal communication unit 2100 may communicate with theaccess control device 3000.

For example, the terminal communication unit 2100 may receive biometricinformation from the access control device 3000. Also, the terminalcommunication unit 2100 may receive identification information of theaccess control device 3000 from the access control device 3000. Also,the terminal communication unit 2100 may receive an accessauthentication request signal from the access control device 3000. Also,the terminal communication unit 2100 may transmit a door opening signalto the access control device 3000.

As another example, the terminal communication unit 2100 may transmit asetting change signal to the access control device 3000. Also, theterminal communication unit 2100 may receive setting change resultinformation from the access control device 3000.

The terminal communication unit 2100 may include mobile communicationunits such as BLE, Bluetooth, WLAN, WiFi, WiFi Direct, NFC, IrDA, UWB,Zigbee, 3G, 4G, and 5G and other wired or wireless units capable oftransmitting data through various communication standards.

The terminal display unit 2200 may output various visual information.

For example, the terminal display unit 2200 may detect the accesscontrol device 3000 and may output the information when communication isestablished. Also, the terminal display unit 2200 may visually output auser access authentication result. Also, the terminal display unit 2200may visually output a message received from the server 1000. Also, theterminal display unit 2200 may visually output a screen for inputtingsetting change information in order to change the settings of the accesscontrol device 3000.

The terminal display unit 2200 may be an LCD display, an OLED display,an AMOLED display, or the like. When the terminal display unit 2200 isprovided as a touchscreen, the terminal display unit 2200 may functionas the terminal input unit 2300. In this case, depending on theselection, a separate terminal input unit 2300 may not be provided, anda terminal input unit 2300 configured to perform limited functions suchas a voltage adjustment function, a power button function, a home buttonfunction, etc. may be provided.

The terminal input unit 2300 may acquire a signal corresponding to auser input.

For example, the terminal input unit 2300 may receive an input forrequesting access right information from the server 1000. Also, theterminal input unit 2300 may receive an input for requestingidentification information or biometric information from the accesscontrol device 3000.

As another example, the terminal input unit 2300 may receive settingchange information to change the settings of the access control device3000. Also, the terminal input unit 2300 may receive manager informationto be checked on whether the manager information matches managerinformation prestored in the access control device 3000.

The terminal input unit 2300 may be implemented with, for example, akeyboard, a keypad, a button, a jog dial, or a wheel. Also, the userinput may be, for example, a button press, a touch, or a drag. When theterminal display unit 2200 is implemented with a touchscreen, theterminal display unit 2200 may serve as the terminal input unit 2300.

The terminal location information collection unit 2400 may acquirelocation information for the terminal 2000 to determine its location.For example, the terminal location information collection unit 2400 maybe a unit configured to acquire coordinate information for performinglocation determination, such as a GPS unit.

The terminal storage unit 2500 may store various kinds of data.

For example, the terminal storage unit 2500 may store data necessary foroperation of the terminal 2000. Also, the terminal storage unit 2500 maystore the access right information.

The terminal storage unit 2500 may include at least one type of storagemedium selected from among a flash memory-type memory, a hard disk-typememory, a multimedia card micro-type memory, a card-type memory (e.g.,an SD or XD memory), a RAM, an SRAM, a ROM, an EEPROM, a PROM, amagnetic memory, a magnetic disk, and an optical disc. Also, the memorymay store information temporarily, permanently, or semi-permanently andmay be provided as a built-in-type or removable-type memory.

The terminal control unit 2600 may control each element of the terminal2000 or may process and compute various kinds of information. Also, theterminal control unit 2600 may acquire signals from some elementsincluded in the user's terminal 2000. Also, among steps that will bedescribed in the following methods, the terminal control unit 2600 maycontrol operations for carrying out some steps that are performed by theuser's terminal 2000 or may perform computations necessary to carry outthe steps.

The terminal control unit 2600 may be implemented in software, hardware,or a combination thereof. For example, in hardware, the terminal controlunit 2600 may be implemented with an FPGA, an ASIC, a semiconductorchip, and various other types of electronic circuits. As anotherexample, in software, the terminal control unit 2600 may be implementedwith logic programs or various kinds of computer languages which areexecuted according to the above-described hardware.

The terminal biometric-information input unit 2700 may receive a user'sbiometric information. The biometric information may refer to at leastone of the user's voice information, fingerprint information, irisinformation, face information, and vein information. The terminalbiometric-information input unit 2700 may be implemented with at leastone of a microphone through which the user's voice information is input,a screen scanner through which the user's fingerprint information isinput, and a camera through which the user's iris information, faceinformation, and vein information are input.

FIG. 4 is a block diagram of the access control device 3000 according toan embodiment.

Referring to FIG. 4, the access control device 3000 may include acommunication unit 3100, a display unit 3200, a voice output unit 3300,a sensor unit 3400, a storage unit 3500, a power unit 3600, a controlunit 3700, a biometric-information input unit 3800, and an input unit3900.

The communication unit 3100 may communicate with the user's terminal2000.

For example, the communication unit 3100 may transmit identificationinformation of the access control device 3000 to the user's terminal2000. Also, the communication unit 3100 may transmit biometricinformation received by the access control device 3000 to the user'sterminal 2000. Also, the communication unit 3100 may transmit, to theuser's terminal 2000, an access authentication request signal generatedaccording to an input signal corresponding to a user's input for openinga door.

As another example, the communication unit 3100 may receive a settingchange signal from the user's terminal 2000. Also, the communicationunit 3100 may transmit result information obtained by performing asetting change to the user's terminal 2000.

The communication unit 3100 may mainly perform communications accordingto wireless communication standards, but may include mobilecommunication units such as BLE, Bluetooth, WLAN, WiFi, WiFi Direct,NFC, IrDA, UWB, Zigbee, 3G, 4G, and 5G and other wired or wireless unitscapable of transmitting data through various communication standards.

The display unit 3200 may output information to be visually provided tothe user.

For example, when a door opening signal is received, the display unit3200 may output information indicating the reception as visualinformation. Also, when a setting change signal is received, the displayunit 3200 may output information indicating the reception as visualinformation.

The display unit 3200 may be an LCD display, an OLED display, an AMOLEDdisplay, or the like. When the display unit 3200 includes a touch panel,the display unit 3200 may operate as a touch input-based input device.

The voice output unit 3300 may output information to be auditorilyprovided to the user.

For example, when a door opening signal is received, the display unit3200 may output information indicating the reception as auditoryinformation. Also, when a setting change signal is received, the displayunit 3200 may output information indicating the reception as auditoryinformation.

The voice output unit 3300 may be a speaker, a buzzer, or the like,which outputs a sound.

The sensor unit 3400 may acquire an external environment signal requiredfor the access control device 3000. For example, the sensor unit 3400may acquire a signal regarding a distance from a user, an object, or thelike. As another example, the sensor unit 3400 may acquire a signalnecessary to determine the location of a door leaf.

Various kinds of information may be stored in the storage unit 3500.

For example, the storage unit 3500 may store a program for performing acontrol operation of the control unit 3700 and may store data receivedfrom the outside, data generated by the control unit 3700, etc. Also,the storage unit 3500 may store manager information to be checked onwhether the manager information matches manager information received bythe user's terminal 2000. Also, the storage unit 3500 may storebiometric information received from the user's terminal 2000.

The storage unit 3500 may include at least one type of storage mediumselected from among a flash memory-type memory, a hard disk-type memory,a multimedia card micro-type memory, a card-type memory (e.g., an SD orXD memory), a RAM, an SRAM, a ROM, an EEPROM, a PROM, a magnetic memory,a magnetic disk, and an optical disc. Also, the memory may storeinformation temporarily, permanently, or semi-permanently and may beprovided as a built-in-type or removable-type memory.

The power unit 3600 may provide power necessary to lock or unlock thedoor leaf. Also, when the door is implemented as an automatic door, thepower unit 3600 may provide power necessary to open or close the doorleaf.

The power unit 3600 may be provided as a motor, a solenoid, or anactuator.

When the power unit 3600 provides power necessary to lock or unlock thedoor leaf, the power unit 3600 may provide power so that a locking unitis maintained and/or changed from a locked state to an unlocked state.The locking unit may be provided as, for example, a deadbolt, a latchbolt, or a combination thereof. Also, the locking unit is not limited tothe deadbolt and latch bolt that have been described as an example, andtypical locking units may be utilized.

The control unit 3700 may control each element of the access controldevice 3000 or may process and compute various kinds of information.Also, the control unit 3700 may acquire signals from some elementsincluded in the access control device 3000. Also, among steps that willbe described in the following methods, the control unit 3700 may controloperations for carrying out some steps that are performed by the accesscontrol device 3000 or may perform calculations necessary to carry outthe steps.

The control unit 3700 may be implemented in software, hardware, or acombination thereof. For example, in hardware, the control unit 3700 maybe implemented with an FPGA, an ASIC, a semiconductor chip, and variousother types of electronic circuits. As another example, in software, thecontrol unit 3700 may be implemented with logic programs or variouskinds of computer languages which are executed according to theabove-described hardware.

The biometric-information input unit 3800 may receive a user's biometricinformation.

For example, the biometric-information input unit 3800 may receive atleast one of the user's voice information, fingerprint information, irisinformation, face information, and vein information.

The biometric-information input unit 3800 may be implemented with atleast one of a microphone through which the user's voice information isinput, a screen scanner through which the user's fingerprint informationis input, and a camera through which the user's iris information, faceinformation, and vein information are input.

The input unit 3900 may receive various inputs.

For example, the input unit 3900 may receive a door opening input fromthe user and may drive the power unit 3600 to open the door. Also, theinput unit 3900 may receive the door opening input from the user andthen may enable the access control device 3000 to transmit an accessauthentication request signal to the user's terminal 2000.

For example, the input unit 3900 may be implemented as a keyboard, akeypad, a button, a switch, a jog dial, or a wheel. Also, the user inputmay be, for example, a switch press, a button press, a touch, or a drag.When the display unit 3200 is implemented with a touchscreen, thedisplay unit 3200 may serve as the input unit 3900.

The access control device 3000 according to an embodiment of the presentdisclosure does not necessarily have to include all of the aboveelements, and some of the elements may be excluded depending on theselection.

The access control system 10000 according to an embodiment of thepresent disclosure may be implemented in a form including at least oneaccess control device 3000. As an example, the access control system10000 may include one access control device 3000 including acommunication unit 3100 and a control unit 3700. As a specific example,the access control device 3000 may receive information acquired from theterminal 2000 through the communication unit 3100, which functions as areader, may analyze the acquired information through the control unit3700, which functions as a controller, and may perform a function oftransmitting a signal for unlocking a door locking device. Also, theaccess control device 3000 may perform a function of controllingoperations such as door access control, time and attendance management,and system mode changes in addition to the function of transmitting thesignal for unlocking a door locking device.

As another example, the access control system 10000 may include a firstaccess control device 3000 including at least a communication unit 3100and a second access control device 3000 including at least a controlunit 3700. As a specific example, the first access control device 3000may receive information acquired from the terminal 2000 through thecommunication unit 3100, which functions as a reader, and may transmitthe acquired information to the second access control device 3000through the communication unit 3100 connected to the second accesscontrol device 3000 in a wired or wireless communication manner. In thiscase, when the second access control device 3000 receives theinformation from the first access control device 3000, the second accesscontrol device 3000 may perform a function of transmitting a signal forunlocking a door locking device on the basis of the information receivedthrough the control unit 3700, which functions as a controller. Also,the second access control device 3000 may perform a function ofcontrolling operations such as door access control, time and attendancemanagement, and system mode change in addition to the function oftransmitting the signal for unlocking a door locking device.

Also, depending on the selection, an element for performing anadditional function or operation may be provided to the access controldevice 3000.

The access control system 10000 associated with various embodiments andthe elements, operations, terms, and the like included in the accesscontrol system 10000 have been described above. The above-describedaccess control system 10000 and the elements, operations, terms, and thelike included in the access control system 10000 may be applied tovarious methods and embodiments which will be described below. However,it should be noted that the following access control system 10000 doesnot necessarily have to be configured to have the above-describedelements and functions and may be applied even to an access controlsystem having a different configuration from the above-described accesscontrol system 10000.

2. Control of Access Control Device Using User's Terminal

FIG. 5 is a flowchart of a method for controlling an access controldevice 3000 using a user's terminal 2000 according to an embodiment ofthe present disclosure.

Referring to FIG. 5, the method for controlling an access control device3000 using the user's terminal 2000 may include causing the user'sterminal 2000 to generate a control signal for controlling the accesscontrol device 3000 (S100) and causing the user's terminal 2000 totransmit the control signal to the access control device 3000 (S110).

According to some embodiments, the step of the user's terminal 2000generating a control signal for controlling the access control device3000 (S100) may be performed.

The user's terminal 2000 may perform various operations in order tocontrol the access control device 3000 and may generate a control signalto be transmitted to the access control device 3000. The control signalmay be for opening a door or may be for changing settings of the accesscontrol device 3000.

For example, the user's terminal 2000 may perform user accessauthentication in order to control the access control device 3000 toopen a door. When the access authentication is successful, the user'sterminal 2000 may generate a door opening signal to be transmitted tothe access control device 3000. The access control device 3000 mayreceive the door opening signal and open the door according to the dooropening signal.

As another example, in order to control the access control device 3000to change settings, the user's terminal 2000 may receive setting changeinformation for the access control device 3000 and generate a settingchange signal for the access control device 3000 on the basis of thesetting change information. The access control device 3000 may receivethe setting change signal and change the settings according to thesetting change signal.

According to some embodiments, the step of the user's terminal 2000transmitting a control signal to the access control device 3000 (S110)may be performed.

In order to control the access control device 3000, the user's terminal2000 may transmit the control signal to the access control device 3000.For example, the user's terminal 2000 may transmit a door opening signalto the access control device 3000 in order to open a door. When the dooropening signal is received, the access control device 3000 may open thedoor. As another example, the user's terminal 2000 may transmit asetting change signal to the access control device 3000 in order tochange the settings of the access control device 3000. When the settingchange signal is received, the access control device 3000 may perform asetting change.

The above-described control of the access control device 3000 using theuser's terminal 2000 is just an example for convenience of description.Therefore, the present disclosure is not limited thereto, and a typicalcontrol of the access control device 3000 using the user's terminal 2000may be utilized.

3. Access Control Method

A conventional access control system includes an authentication serverfor access control and an access control device. When a user requestspermission for access, the authentication server for access control andthe access control device are systematically associated with each otherto determine whether to permit the access.

Such a conventional system may determine whether to permit access onlywhen the authentication server for access control and the access controldevice remain communicable and also perform their respective roles.Accordingly, when the authentication server for access control isdisabled or when a problem arises in communication between theauthentication server for access control and the access control device,a user's access cannot be permitted. Also, the conventional system isvulnerable to security threats because access authentication informationmay be stored in the access control device.

A method of performing access authentication in the user's terminal 2000will be described below with reference to FIGS. 6, 7, and 8.

FIG. 6 is a flowchart of a method for performing access authenticationin a user's terminal 2000 according to an embodiment of the presentdisclosure.

The method of the user's terminal 2000 performing access authenticationmay include acquiring access authentication information (S200) andperforming access authentication (S210).

The user's terminal 2000 may acquire information to perform user accessauthentication (S200).

The user's terminal 2000 may acquire information for performing useraccess authentication from the server 1000 and the access control device3000. For example, the user's terminal 2000 may acquire access rightinformation from the server 1000. Also, the user's terminal 2000 mayacquire, from the access control device 3000, identification informationof the access control device 3000 and biometric information receivedfrom a user.

The user's terminal 2000 may perform access authentication on the user(S210).

The access authentication may be to determine whether the user has anaccess right. Therefore, successful access authentication may be adetermination that the user has an access right, and failed accessauthentication may be a determination that the user has no access right.

The user's terminal 2000 may perform user access authentication invarious ways on the basis of prestored access right information.

The identification information may be information for identifying aspecific device among a plurality of devices. For example, theidentification information may include at least one of a device ID, auniversal unique identifier (UUID), a unique identifier (UID), an IPaddress, a MAC address, a CPU (MCU) serial number or HDD serial number,and a communication number of a terminal.

The access right information is information that is used by the user'sterminal 2000 to perform user access authentication according to whetherthe user has an access right. The access right information may includeat least one of registered user identification information, registeredbiometric information, registered terminal identification information,registered access control device identification information, accessschedule information, and validity period information, which may becorresponded to each other. The access right information may beregistered in the server 1000 and managed by a manager. The user'sterminal 2000 may acquire the access right information from the server1000 and store the acquired access right information before performingaccess authentication. Also, the access right information may be storedin the user's terminal 2000. However, when the access right informationhas expired or is not stored, the user's terminal 2000 may receive theaccess right information from the server 1000.

A method of performing user access authentication will be describedbelow with reference to FIGS. 7 and 8.

FIGS. 7 and 8 are exemplary diagrams of access right informationaccording to an embodiment of the present disclosure. However, FIGS. 7and 8 are just examples for convenience of description, and the accessright information is not limited thereto. Depending on the selection,some information may be excluded therefrom, or various additionalinformation may be added thereto.

The user's terminal 2000 may check a target door of the accessauthentication of the user based on received identification informationfrom the access control device 3000.

The user's terminal 2000 may perform user access authentication bycomparing the access right information to the identification informationof the access control device 3000.

In detail, the access right information includes registered accesscontrol device identification information. The user's terminal 2000 maycheck whether the identification information acquired from the accesscontrol device 3000 is included in the access right information, and maydetermine that the access authentication is successful when theidentification information of the access control device 3000 is includedin the access right information. Also, the user's terminal 2000 maycheck whether the identification information acquired from the accesscontrol device 3000 is included in the access right information, and maydetermine that the access authentication has failed when theidentification information of the access control device 3000 is notincluded in the access right information.

Also, when the identification information of the access control device3000 is included in the registered access control device identificationinformation corresponded to other information in the access rightinformation, the user's terminal 2000 may determine that the user accessauthentication is successful. When the identification information of theaccess control device 3000 is not included in the registered accesscontrol device identification information corresponded to otherinformation in the access right information, the user's terminal 2000may determine that the user access authentication has failed.

For example, in FIG. 7, when the user's terminal 2000 is “a” and thecorresponding access control device 3000 is “first door,” the user'sterminal 2000 may determine that the access authentication is successfulbecause identification information of “first door” is included inidentification information of access control devices which areregistered in the access right information and for which “a” has anaccess right. As another example, in FIG. 7, when the user's terminal2000 is “a” and the corresponding access control device 3000 is “fourthdoor,” the user's terminal 2000 may determine that the accessauthentication has failed because identification information of “fourthdoor” is not included in identification information of access controldevices which are registered in the access right information and forwhich “a” has an access right.

Also, the user's terminal 2000 may perform user access authentication bycomparing the access right information to the identification informationof the user's terminal 2000.

In detail, when the access right information has registered accesscontrol device identification information corresponded to registeredterminal identification information, the user's terminal 2000 may checkwhether the identification information of the user's terminal 2000 isincluded in the registered terminal identification informationcorresponded to the identification information acquired from the accesscontrol device 3000 and may determine that the access authentication issuccessful when the identification information of the user's terminal2000 is included in the registered terminal identification information.Also, when the access right information has registered access controldevice identification information corresponded to registered terminalidentification information, the user's terminal 2000 may check whetherthe identification information of the user's terminal 2000 is includedin the registered terminal identification information corresponded tothe identification information acquired from the access control device3000 and may determine that the access authentication has failed whenthe identification information of the user's terminal 2000 is notincluded in the registered terminal identification information.

For example, in FIG. 8, when the user's terminal 2000 is “b” and thecorresponding access control device 3000 is “first door,” the user'sterminal 2000 may determine that the access authentication is successfulbecause identification information of “b” is included in identificationinformation of registered terminals which are in the access rightinformation and to which an access right for “first door” is assigned.As another example, in FIG. 8, when the user's terminal 2000 is “b” andthe corresponding access control device 3000 is “second door,” theuser's terminal 2000 may determine that the access authentication hasfailed because identification information of “b” is not included inidentification information of terminals which are registered in theaccess right information and to which an access right for “second door”is assigned.

Also, the user's terminal 2000 may perform user access authentication bycomparing the access right information to biometric information acquiredfrom a user.

In detail, the access right information includes registered biometricinformation. The user's terminal 2000 may check whether biometricinformation acquired from a user is included in the access rightinformation, and may determine that the access authentication issuccessful when the biometric information acquired from the user isincluded in the access right information. Also, the access rightinformation includes registered biometric information. The user'sterminal 2000 may check whether biometric information acquired from auser is included in the access right information, and may determine thatthe access authentication has failed when the biometric informationacquired from the user is not included in the access right information.

Also, when the biometric information received from a user is included inthe registered biometric information corresponded to other informationin the access right information, the user's terminal 2000 may determinethat the user access authentication is successful. When the biometricinformation received from a user is not included in the registeredbiometric information corresponded to other information in the accessright information, the user's terminal 2000 may determine that the useraccess authentication has failed.

For example, in FIG. 7, when the user's biometric information is “a” andthe corresponding access control device 3000 is “first door,” the user'sterminal 2000 may determine that the access authentication is successfulbecause identification information of “first door” is included inidentification information of access control devices which areregistered in the access right information and for which “a” has anaccess right. As another example, in FIG. 7, when the user's biometricinformation is “a′” and the corresponding access control device 3000 is“fourth door,” the user's terminal 2000 may determine that the accessauthentication has failed because identification information of “fourthdoor” is not included in identification information of access controldevices which are registered in the access right information and forwhich “a′” has an access right.

Also, the user's terminal 2000 may perform user access authentication bycomparing the access right information to the current time.

In detail, the user's terminal 2000 may check whether the current timeis included in access schedule information and may determine that theaccess authentication is successful when the current time is included inthe access schedule information. Also, the user's terminal 2000 maycheck whether the current time is included in access scheduleinformation, and may determine that the access authentication has failedwhen the current time is not included in the access scheduleinformation.

Also, the user's terminal 2000 may check whether the current time isincluded in access schedule information corresponded to theidentification information of the access control device 3000, which isincluded in the information corresponded to the access rightinformation, and may determine that the access authentication has failedwhen the current time is not included in the access schedule informationcorresponded to the identification information of the access controldevice 3000.

Also, the user's terminal 2000 may check whether the current time isincluded in access schedule information corresponded to theidentification information of the user's terminal 2000, which isincluded in the information corresponded to the access rightinformation, and may determine that the access authentication has failedwhen the current time is not included in the access schedule informationcorresponded to the identification information of the user's terminal2000.

Also, the user's terminal 2000 may check whether the current time isincluded in access schedule information corresponded to acquiredbiometric information, which is included in the information correspondedto the access right information, and may determine that the accessauthentication has failed when the current time is not included in theaccess schedule information corresponded to the acquired biometricinformation.

For example, in FIG. 7, when the user's terminal 2000 is “a,” the user'sbiometric information is “a′,” and the corresponding access controldevice 3000 is “first door,” the user's terminal 2000 determines thatthe access authentication is successful. Even in this case, however,when the current time is 8:00 AM, the user's terminal 2000 may determinethat the access authentication has failed because the current time isnot included in access schedule information corresponding to “firstdoor.” As another example, in FIG. 7, when the user's terminal 2000 is“a,” the user's biometric information is “a′,” and the correspondingaccess control device 3000 is “first door,” the user's terminal 2000determines that the access authentication is successful. Even in thiscase, however, when the current time is 8:00 AM, the user's terminal2000 may determine that the access authentication has failed because thecurrent time is not included in access schedule informationcorresponding to “a” and/or “a′.”

Also, the user's terminal 2000 may perform user access authenticationinformation according to whether the access right information hasexpired.

In detail, the user's terminal 2000 may check whether the access rightinformation has expired, and may determine that the accessauthentication has failed when the access right information has expired.

Even though the user's terminal 2000 has determined that the accessauthentication was successful, the user's terminal 2000 may determinethat the access authentication has failed when the access rightinformation has expired. Alternatively, when the access lightinformation has expired, the user's terminal 2000 may immediatelydetermine that the access authentication has failed.

For example, in FIG. 7, when the user's terminal 2000 is “a,” the user'sbiometric information is “a′,” and the corresponding access controldevice 3000 is “first door,” the user's terminal 2000 determines thatthe access authentication is successful. Even in this case, however,when five hours, which indicate the validity period of the access rightinformation, have passed and thus the access right information hasexpired, the user's terminal 2000 may determine that the accessauthentication has failed. Also, in FIG. 7, when five hours, whichindicates the validity period of the access right information, havepassed and thus the access right information has expired, the user'sterminal 2000 may determine that the access authentication has failed.

The user's terminal 2000 may compare the received identificationinformation with the registered access control device identificationinformation of the access right information, and determine that theaccess authentication is successful when the received identificationinformation is matched to one of the registered access control deviceidentification information.

Also, the user's terminal 2000 may compare current time with the accessschedule information related to the received identification informationof the access right information, and determine that the accessauthentication has failed when the current time is not included inaccess schedule.

Also, the user's terminal 2000 may compare identification information ofthe user's terminal 2000 with the registered terminal identificationinformation related to the received identification information, anddetermine that the access authentication has failed when theidentification information of the user's terminal 2000 is not matched toone of the registered terminal identification information correspondedto the received identification information.

Also, the user's terminal 2000 may prevent the step of the determiningwhether or not the user is allowed to access to the target door when theaccess right information has expired.

Also, the user's terminal 2000 may compare the received biometricinformation of the user with the registered biometric information, anddetermine that the access authentication is successful when biometricinformation of the user is matched to one of the registered biometricinformation.

Also, the user's terminal 2000 may compare current time with the accessschedule information related to the received biometric information ofthe user of the access right information, and determine that the accessauthentication has failed when the current time is not included inaccess schedule.

Also, the user's terminal 2000 may compare identification information ofthe user's terminal 2000 with the registered terminal identificationinformation related to the received biometric information of the user,and determine that the access authentication has failed when theidentification information of the user's terminal 2000 is not matched toone of the registered terminal identification information correspondedto the received biometric information of the user.

An access authentication method is not limited to the above-describedmethods and may be provided even in a combination of the above-describedmethods.

FIG. 9 is a surrounding view of the access control method according toan embodiment of the present disclosure.

As shown in FIG. 9 as an example, according to the access control methodaccording to an embodiment, the user's terminal 2000 may receiveidentification information and/or biometric information from the accesscontrol device 3000, and the user's terminal 2000 may perform useraccess authentication on the basis of access authentication information.When the user access authentication is successful, a user may access acorresponding door.

An access control method of the access control system 10000 in which theuser's terminal 2000 performs access authentication will be describedbelow with reference to FIGS. 10, 11, and 12.

FIG. 10 is a flowchart of a method for managing an access authenticationresult according to an embodiment of the present disclosure. The user'sterminal 2000 approaches the access control device 3000, performs accessauthentication, and transmits the result to the server 1000. Thus, theaccess authentication result may be managed by the server 1000. Thus,the access control system 10000 may be utilized for time and attendancemanagement of workers or the like.

Referring to FIG. 10, the method for managing an access authenticationresult may include the user's terminal 2000 requesting access rightinformation from the server 1000 (S300), the server 1000 transmittingthe access right information to the user's terminal 2000 (S310),establishing a communication between the user's terminal 2000 and theaccess control device 3000 (S320), the access control device 3000transmitting identification information to the user's terminal 2000(S330), the user's terminal 2000 performing access authentication(S340), the user's terminal 2000 generating access authentication resultinformation (S350), and the user's terminal 2000 transmitting the accessauthentication result information to the server 1000 (S360).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 requesting access right information from the server1000 (S300) may be performed.

The user's terminal 2000 may have the access right information prestoredtherein or may request the access right information from the server1000.

For example, when the access right information is not stored, the user'sterminal 2000 may automatically request the access right informationfrom the server 1000. Also, when the access right information hasexpired, the user's terminal 2000 may automatically request the accessright information from the server 1000.

Alternatively, when a user request is input, the user's terminal 2000may request the access right information from the server 1000. Forexample, even though the access right information is stored in theuser's terminal 2000, a user may want to update the access rightinformation or may not know that the access right information is stored.In this case, the user may input a request to the user's terminal 2000,and the user's terminal 2000 may request the access right informationfrom the server 1000.

Step S300 is not necessarily required and may be omitted according tosome embodiments.

Also, according to some embodiments of the present disclosure, the stepof the server 1000 transmitting the access right information to theuser's terminal 2000 (S310) may be performed.

When an access right information request is received from the user'sterminal 2000, the server 1000 may transmit the access right informationto the user's terminal 2000. For example, when a user enters a requestfor the access right information to the server 1000 because the accessright information is not stored in the user's terminal 2000 or becausethe access right information has expired, the server 1000 may transmitthe access right information to the user's terminal 2000.

Alternatively, even when an access right information request is notreceived from the user's terminal 2000, the server 1000 may transmit theaccess right information to the user's terminal 2000. For example, theserver 1000 may check whether the access right information is stored inthe user's terminal 2000 through periodic communication with the user'sterminal 2000 and may automatically transmit the access rightinformation to the user's terminal 2000 when the access rightinformation is not stored.

When the server 1000 transmits the access right information to theuser's terminal 2000, the user's terminal 2000 may receive the accessright information and store the received access right information in theterminal storage unit 2500.

Step S310 is not necessarily required and may be omitted according tosome embodiments.

According to some embodiments of the present disclosure, the step ofestablishing a communication between the user's terminal 2000 and theaccess control device 3000 (S320) may be performed.

When the user's terminal 2000 approaches the access control device 3000,the user's terminal 2000 may detect the access control device 3000 andestablish a communication channel with the access control device 3000.In this case, when the communication channel is established, the user'sterminal 2000 or the access control device 3000 may output anotification to the outside.

The communication between the user's terminal 2000 and the accesscontrol device 3000 may be performed according to a short-rangecommunication standard such as BLE, Bluetooth, NFC, and Wi-Fi.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 transmitting identification information tothe user's terminal 2000 (S330) may be performed.

When a communication channel with the user's terminal 2000 isestablished, the access control device 3000 may automatically transmitthe identification information of the access control device 3000 to theuser's terminal 2000. Alternatively, when a request for theidentification information is received from the user's terminal 2000,the access control device 3000 may transmit the identificationinformation to the user's terminal 2000. Also, the step of the accesscontrol device 3000 transmitting the identification information to theuser's terminal 2000 and the step of establishing a communicationchannel between the user's terminal 2000 and the access control device3000 may be performed at the same time.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 performing access authentication (S340) may beperformed.

The user's terminal 2000 may perform user access authentication by atleast one of the access authentication methods (S210) that have beendescribed on the basis of the access right information prestored in theterminal storage unit 2500.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating access authentication result information(S350) may be performed.

The user's terminal 2000 may perform access authentication, and maygenerate result information indicating the success of the accessauthentication when the access authentication is successful.Alternatively, the user's terminal 2000 may perform the accessauthentication, and may generate result information indicating thefailure of the access authentication when the access authentication hasfailed. In this case, the user's terminal 2000 may output a visualnotification indicating the authentication result through the terminaldisplay unit 2200 or may output a voice notification message indicatingthe authentication result through a separate output unit.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the access authentication resultinformation to the server 1000 (S360) may be performed.

The user's terminal 2000 may transmit the generated accessauthentication result information to the server 1000. The server 1000may receive and store the access authentication result information inthe server storage unit 1300.

FIG. 11 is a flowchart of a method for managing a door opening accordingto an embodiment of the present disclosure. The user's terminal 2000 maycontrol a door opening or closing operation by approaching the accesscontrol device 3000, performing access authentication, and transmittinga door opening signal to the access control device 3000. Thus, theaccess control system 10000 may utilize the user's terminal 2000 as adoor access means.

Referring to FIG. 11, the method for managing a door opening may includethe user's terminal 2000 requesting access right information from theserver 1000 (S400), the server 1000 transmitting the access rightinformation to the user's terminal 2000 (S410), establishing acommunication between the user's terminal 2000 and the access controldevice 3000 (S420), the access control device 3000 transmittingidentification information to the user's terminal 2000 (S430), theuser's terminal 2000 performing access authentication (S440), the user'sterminal 2000 generating a door opening signal (S450), the user'sterminal 2000 transmitting the door opening signal to the access controldevice 3000 (S460), and the access control device 3000 performing a dooropening operation (S470).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 requesting the access right information from theserver 1000 (S400) may be performed.

Step S400 is performed similarly to step S300, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S400 is not necessarily required and may be omitted according tosome embodiments.

Also, according to some embodiments of the present disclosure, the stepof the server 1000 transmitting the access right information to theuser's terminal 2000 (S410) may be performed.

Step S410 is performed similarly to step S310, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S410 is not necessarily required and may be omitted according tosome embodiments.

According to some embodiments of the present disclosure, the step ofestablishing a communication channel between the user's terminal 2000and the access control device 3000 (S420) may be performed.

Step S420 is performed similarly to step S320, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 transmitting identification information tothe user's terminal 2000 (S430) may be performed.

Step S430 is performed similarly to step S330, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 performing access authentication (S440) may beperformed.

Step S440 is performed similarly to step S340, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating a door opening signal (S450) may beperformed.

Also, when a user succeeds in the access authentication, the user'sterminal 2000 may generate a door opening signal to be transmitted tothe access control device 3000. The door opening signal may force theaccess control device 3000 to perform a door opening operation. In otherwords, when the door opening signal is transmitted from the user'sterminal 2000 to the access control device 3000, the control unit 3700may change the access control device 3000 to a door opening statethrough the power unit 3600. However, the user's terminal 2000 may notgenerate a door opening signal when the user access authentication hasfailed.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the door opening signal to the accesscontrol device 3000 (S460) may be performed.

The user's terminal 2000 may transmit the door opening signal to theaccess control device 3000. For example, the user's terminal 2000 maytransmit the door opening signal to the access control device 3000through wireless communication such as BLE, Bluetooth, WLAN, WiFi, WiFiDirect, NFC, IrDA, UWB, and Zigbee.

Also, in order to prevent an undesired door from being opened, theuser's terminal 2000 may transmit the door opening signal to the accesscontrol device 3000 when the distance between the user's terminal 2000and the access control device 3000 is less than or equal to a certaindistance.

In this case, the user's terminal 2000 may transmit the door openingsignal to the access control device 3000, and the access control device3000 may transmit a positive acknowledgement signal (ACK) to the user'sterminal 2000 when the door opening signal is successfully received.Also, the user's terminal 2000 may transmit the door opening signal tothe access control device 3000, and the access control device 3000 maytransmit a negative acknowledgement signal (NACK) when the door openingsignal is not successfully received. In this case, when the user'sterminal 2000 receives the positive acknowledgement signal from theaccess control device 3000, the access control device 3000 may transmit,to the server 1000, information indicating that the door is opened.Conversely, when the user's terminal 2000 receives the negativeacknowledgement signal from the access control device 3000, the accesscontrol device 3000 may transmit, to the server 1000, informationindicating that the door is not opened.

Also, according to some embodiments, the step of the access controldevice 3000 performing the door opening operation (S470) may beperformed.

When the access control device 3000 receives the door opening signalfrom the user's terminal 2000, the access control device 3000 mayprovide power through the power unit 3600 so that a door leaf can becomeunlocked. Also, when the door is an automatic door, the access controldevice 3000 may provide power through the power unit 3600 so that thedoor leaf can become opened.

After the door leaf is unlocked, the access control device 3000 mayprovide power through the power unit 3600 so that the door leaf islocked on the basis of a locking condition. The access control device3000 may determine whether the door leaf is reclosed on the basis of asignal acquired from the sensor unit 3400. When the door leaf isreclosed, the access control device 3000 may provide power through thepower unit 3600 such that the door leaf can be locked. Also, the accesscontrol device 3000 may provide power through the power unit 3600 inadditional consideration of a locking standby time so that the door leafcan be locked after the locking standby time even though the door leafis reclosed. Also, by outputting at least one of auditory information,visual information, and vibration through the display unit 3200, thevoice output unit 3300, and/or a separate output unit, the accesscontrol device 3000 may notify that the door is opened.

In the above-described door opening management method, although notshown, the step of the user's terminal 2000 generating accessauthentication result information (S350) and the step of the user'sterminal 2000 transmitting the access authentication result informationto the server 1000 (S360) may also be performed after the step of theuser's terminal 2000 performing the access authentication (S440).

FIG. 12 is a flowchart of a method for notifying information upon dooraccess according to an embodiment of the present disclosure. It isassumed that a door is implemented with an automatic door or the likethat requires a door opening input by pressing a switch to open thedoor. When a user approaches the access control device 3000 to enter adoor opening input through the input unit 3900 to open a door, theuser's terminal 2000 may receive an access authentication request signalfrom the access control device 3000 and acquire a pre-designated messagefrom the server 1000 in communication with the server 1000. Thus, theaccess control system 10000 may utilize the user's terminal 2000 as ameans for advertisement or information notification when the door isaccessed.

Referring to FIG. 12, the method for notifying information upon dooraccess may include the user's terminal 2000 requesting access rightinformation from the server 1000 (S500), the server 1000 transmittingthe access right information to the user's terminal 2000 (S505), theaccess control device 3000 receiving a door opening input (S510), theaccess control device 3000 generating an access authentication requestsignal (S515), the access control device 3000 transmitting the accessauthentication request signal to the user's terminal 2000 (S520), theuser's terminal 2000 communicating with the server 1000 (S525), theserver 1000 transmitting a message to the user's terminal 2000 (S530),the user's terminal 2000 performing access authentication (S535), theuser's terminal 2000 generating a door opening signal (S540), the user'sterminal 2000 transmitting the door opening signal to the access controldevice 3000 (S545), and the access control device 3000 performing a dooropening operation (S550).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 requesting access right information from the server1000 (S500) may be performed.

Step S500 is performed similarly to step S300, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S500 is not necessarily required and may be omitted according tosome embodiments.

Also, according to some embodiments of the present disclosure, the stepof the server 1000 transmitting the access right information to theuser's terminal 2000 (S505) may be performed.

Step S505 is performed similarly to step S310, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S505 is not necessarily required and may be omitted according tosome embodiments.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 receiving a door opening input (S510) may beperformed.

For example, it is assumed that a door is implemented with an automaticdoor that is opened only when a switch is pressed to provide a dooropening input. When the door opening input is received, the accesscontrol device 3000 may generate an input signal for opening the door.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 generating an access authentication requestsignal (S515) may be performed.

For example, the access control device 3000 may generate an accessauthentication request signal according to an input signal generated bya door opening input. In this case, the access authentication requestsignal may be a signal including the identification information of theaccess control device 3000.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 transmitting the access authenticationrequest signal to the user's terminal 2000 (S520) may be performed.

The access control device 3000 may transmit the access authenticationrequest signal to the user's terminal 2000. The user's terminal 2000 mayperform user access authentication when the access authenticationrequest signal is received. Also, the access authentication requestsignal may include a signal including the identification information ofthe access control device 3000. Also, the access control device 3000 maytransmit the identification information of the access control device3000 to the user's terminal 2000 separately from the transmission of theaccess authentication request signal.

For example, when a communication between the access control device 3000and the user's terminal 2000 is performed through BLE, the transmissionof the access authentication request signal may mean that the accesscontrol device 3000 transmits an advertising signal to the user'sterminal 2000.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 communicating with the server 1000 (S525) may beperformed.

When the access authentication request signal is received from theaccess control device 3000, the user's terminal 2000 may communicatewith the server 1000. For example, when the access authenticationrequest signal is received from the access control device 3000, theuser's terminal 2000 may automatically transmit a signal for requestinga pre-designated message to the server 1000.

According to some embodiments of the present disclosure, the step of theserver 1000 transmitting a message to the user's terminal 2000 (S530)may be performed.

The server 1000 may transmit the pre-designated message to the user'sterminal 2000. For example, when an advertisement message is designated,the server 1000 may transmit the advertisement message to the user'sterminal 2000. Also, when a notification message is designated, theserver 1000 may transmit the notification message to the user's terminal2000. In this case, a plurality of messages may be designated, and adifferent message may be designated according to the current time fromamong a plurality of messages stored in the server 1000.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 performing access authentication (S535) may beperformed.

Step S535 is performed similarly to step S340, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating a door opening signal (S540) may beperformed.

Step S540 is performed similarly to step S450, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the door opening signal to the accesscontrol device 3000 (S545) may be performed.

Step S545 is performed similarly to step S460, which has been describedabove, and thus a detailed description thereof will be omitted.

Also, according to some embodiments, the step of the access controldevice 3000 performing the door opening operation (S550) may beperformed.

Step S550 is performed similarly to step S470, which has been describedabove, and thus a detailed description thereof will be omitted.

In the above-described information notification method upon dooropening, although not shown, the step of the user's terminal 2000generating access authentication result information (S350) and the stepof the user's terminal 2000 transmitting the access authenticationresult information to the server 1000 (S360) may also be performed afterthe step of the user's terminal 2000 performing the accessauthentication (S535).

An access control method using a user's biometric information in theaccess control system 10000 in which the user's terminal 2000 performsaccess authentication will be described below with reference to FIGS. 13and 14.

FIG. 13 is a flowchart of a method for managing an access authenticationresult using biometric information according to an embodiment of thepresent disclosure. The user's terminal 2000 approaches the accesscontrol device 3000, performs access authentication, and transmits theresult to the server 1000. Thus, the access authentication result may bemanaged by the server 1000. In this case, security-enhanced accessauthentication may be performed using a user's biometric informationreceived from the access control device 3000. Thus, the access controlsystem 10000 may be utilized for time and attendance management ofworkers or the like.

Referring to FIG. 13, the method for managing an access authenticationresult using biometric information may include the user's terminal 2000requesting access right information from the server 1000 (S600), theserver 1000 transmitting the access right information to the user'sterminal 2000 (S610), establishing a communication between the user'sterminal 2000 and the access control device 3000 (S620), the accesscontrol device 3000 receiving biometric information (S630), the accesscontrol device 3000 transmitting the biometric information to the user'sterminal 2000 (S640), the user's terminal 2000 performing accessauthentication (S650), the user's terminal 2000 generating accessauthentication result information (S660), and the user's terminal 2000transmitting the access authentication result information to the server1000 (S670).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 requesting access right information from the server1000 (S600) may be performed.

Step S600 is performed similarly to step S300, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S600 is not necessarily required and may be omitted according tosome embodiments.

Also, according to some embodiments of the present disclosure, the stepof the server 1000 transmitting the access right information to theuser's terminal 2000 (S610) may be performed.

Step S610 is performed similarly to step S310, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S610 is not necessarily required and may be omitted according tosome embodiments.

According to some embodiments of the present disclosure, the step ofestablishing a communication between the user's terminal 2000 and theaccess control device 3000 (S620) may be performed.

Step S620 is performed similarly to step S320, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 receiving biometric information (S630) may beperformed.

The access control device 3000 may receive biometric information from auser through the biometric-information input unit 3800 and may acquirethe user's biometric information.

The user's biometric information may refer to one of the user'sfingerprint information, iris information, face information, veininformation, and voice information. For example, when thebiometric-information input unit 3800 is a screen scanner for acquiringa user's fingerprint information, the access control device 3000 mayreceive and acquire the user's fingerprint information. Also, when thebiometric-information input unit 3800 is a microphone for acquiring auser's voice information, the access control device 3000 may receive andacquire the user's voice information. Also, when thebiometric-information input unit 3800 is a camera for acquiring a user'siris information, the access control device 3000 may receive and acquirethe user's iris information.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 transmitting the biometric information to theuser's terminal 2000 (S640) may be performed.

When the biometric information is acquired from the user, the accesscontrol device 3000 may automatically transmit the acquired biometricinformation to the user's terminal 2000. Alternatively, when a requestfor the biometric information is received from the user's terminal 2000,the access control device 3000 may transmit the acquired biometricinformation to the user's terminal 2000.

In this case, for the purpose of security, the access control device3000 may encrypt the acquired biometric information and transmit theencrypted biometric information to the user's terminal 2000. Forexample, the access control device 3000 may encrypt the acquiredbiometric information with a public key of the access control device3000.

Also, the access control device 3000 may transmit the identificationinformation of the access control device 3000 to the user's terminal2000 in addition to the biometric information. Alternatively, the accesscontrol device 3000 may transmit the identification information of theaccess control device 3000 to the user's terminal 2000 in addition tothe biometric information.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 performing access authentication (S650) may beperformed.

The user's terminal 2000 may perform access authentication using thebiometric information received from the access control device 3000. Inthis case, when the biometric information is encrypted by the accesscontrol device 3000, the user's terminal 2000 may decrypt the encryptedbiometric information and perform access authentication. For example,when the biometric information acquired from the access control device3000 is encrypted with the public key of the access control device 3000,the user's terminal 2000 may decrypt the encrypted biometric informationwith a private key of the access control device 3000 and then performthe access authentication.

Step S650 is performed similarly to step S340, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating access authentication result information(S660) may be performed.

Step S660 is performed similarly to step S350, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the access authentication resultinformation to the server 1000 (S670) may be performed.

Step S670 is performed similarly to step S360, which has been describedabove, and thus a detailed description thereof will be omitted.

In the above-described access authentication result management methodusing biometric information, although not shown, the user's terminal2000 acquiring a user's biometric information in order to perform useraccess authentication may mean that the user's terminal 2000 receivesand acquires biometric information from the user without using the stepof the access control device 3000 receiving biometric information (S630)and the step of the access control device 3000 transmitting thebiometric information to the user's terminal 2000 (S640). The user'sbiometric information may refer to one of the user's fingerprintinformation, iris information, face information, vein information, andvoice information. For example, when the terminal biometric-informationinput unit 2700 is a screen scanner for acquiring a user's fingerprintinformation, the user's terminal 2000 may receive and acquire the user'sfingerprint information. Also, when the terminal biometric-informationinput unit 2700 is a microphone for acquiring a user's voiceinformation, the user's terminal 2000 may receive and acquire the user'svoice information. Also, when the terminal biometric-information inputunit 2700 is a camera for acquiring a user's iris information, theuser's terminal 2000 may receive and acquire the user's irisinformation.

FIG. 14 is a flowchart of a method for managing a door opening usingbiometric information according to an embodiment of the presentdisclosure. The user's terminal 2000 approaches the access controldevice 3000, performs access authentication, and transmits a dooropening signal to the access control device 3000. Thus, the user'sterminal 2000 may control a door opening or closing operation. In thiscase, the user's terminal 2000 may perform security-enhanced accessauthentication using the user's biometric information. Thus, the accesscontrol system 10000 may utilize the user's terminal 2000 as a dooraccess means.

Referring to FIG. 14, the method for managing a door opening usingbiometric information may include the user's terminal 2000 requestingaccess right information from the server 1000 (S700), the server 1000transmitting the access right information to the user's terminal 2000(S710), establishing a communication between the user's terminal 2000and the access control device 3000 (S720), the access control device3000 receiving biometric information (S730), the access control device3000 transmitting the biometric information to the user's terminal 2000(S740), the user's terminal 2000 performing access authentication(S750), the user's terminal 2000 generating a door opening signal(S760), the user's terminal 2000 transmitting the door opening signal tothe access control device 3000 (S770), and the access control device3000 performing a door opening operation (S780).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 requesting access right information from the server1000 (S700) may be performed.

Step S700 is performed similarly to step S300, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S700 is not necessarily required and may be omitted according tosome embodiments.

Also, according to some embodiments of the present disclosure, the stepof the server 1000 transmitting the access right information to theuser's terminal 2000 (S710) may be performed.

Step S710 is performed similarly to step S310, which has been describedabove, and thus a detailed description thereof will be omitted.

Step S710 is not necessarily required and may be omitted according tosome embodiments.

According to some embodiments of the present disclosure, the step ofestablishing a communication between the user's terminal 2000 and theaccess control device 3000 (S720) may be performed.

Step S720 is performed similarly to step S320, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 receiving biometric information (S730) may beperformed.

Step S730 is performed similarly to step S630, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 transmitting the biometric information to theuser's terminal 2000 (S740) may be performed.

Step S740 is performed similarly to step S640, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 performing access authentication (S750) may beperformed.

Step S750 is performed similarly to step S650, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating a door opening signal (S760) may beperformed.

Step S760 is performed similarly to step S450, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the door opening signal to the accesscontrol device 3000 (S770) may be performed.

Step S770 is performed similarly to step S460, which has been describedabove, and thus a detailed description thereof will be omitted.

Also, according to some embodiments, the step of the access controldevice 3000 performing the door opening operation (S780) may beperformed.

Step S780 is performed similarly to step S470, which has been describedabove, and thus a detailed description thereof will be omitted.

In the above-described access authentication result management methodusing biometric information, although not shown, the user's terminal2000 acquiring a user's biometric information in order to perform useraccess authentication may mean that the user's terminal 2000 receivesand acquires biometric information from the user without using the stepof the access control device 3000 receiving biometric information (S730)and the step of the access control device 3000 transmitting thebiometric information to the user's terminal 2000 (S740). The user'sterminal 2000 may receive biometric information from a user through theterminal biometric-information input unit 2700 and may acquire theuser's biometric information. The user's biometric information may referto one of the user's fingerprint information, iris information, faceinformation, vein information, and voice information. For example, whenthe terminal biometric-information input unit 2700 is a screen scannerfor acquiring a user's fingerprint information, the user's terminal 2000may receive and acquire the user's fingerprint information. Also, whenthe terminal biometric-information input unit 2700 is a microphone foracquiring a user's voice information, the user's terminal 2000 mayreceive and acquire the user's voice information. Also, when theterminal biometric-information input unit 2700 is a camera for acquiringa user's iris information, the user's terminal 2000 may receive andacquire the user's iris information.

In the above-described door opening management method, although notshown, the step of the user's terminal 2000 generating accessauthentication result information (S350) and the step of the user'sterminal 2000 transmitting the access authentication result informationto the server 1000 (S360) may also be performed after the step of theuser's terminal 2000 performing the access authentication (S750).

4. Setting Change Method for Access Control Device

A conventional access control system required a procedure of changingthe settings of an access control device through establishment of anetwork between the access control device and a management server inorder to change the settings of the access control device. As a result,a problem arises in that a lot of cost and effort is required for wiringwork to establish a network between the access control device and themanagement server.

FIG. 15 is a surrounding view for a method for changing a setting of anaccess control device 3000 according to an embodiment of the presentdisclosure.

As illustrated in FIG. 15, in the method for changing a setting of anaccess control device 3000 according to an embodiment, the user'sterminal 2000 inputs setting change information to generate a settingchange signal and transmits the setting change signal to the accesscontrol device 3000 in a wireless communication manner so that a user ofthe user's terminal 2000 can change the settings of the access controldevice 3000.

In the setting change method for the access control device 3000according to an embodiment, the management server may not be involved ina series of processes of the user's terminal 2000 performing an input tochange the settings of the access control device 3000, generating asetting change signal, and transmitting the setting change signal to theaccess control device 3000.

Accordingly, unlike the conventional access control system, the settingchange method for the access control device 3000 according to anembodiment can change the settings of the access control device 3000without any problems when a user has a terminal even though nomanagement server is networked with the access control device 3000.

The basic concept of the setting change method for the access controldevice 3000 according to an embodiment may be applied to the followingvarious embodiments.

FIG. 16 is a flowchart of a method for changing a setting of an accesscontrol device 3000 according to an embodiment of the presentdisclosure. The user's terminal 2000 may change the settings of theaccess control device 3000 by receiving an input of changing thesettings of the access control device 3000, approaching the accesscontrol device 3000, and transmitting a setting change signal to theaccess control device 3000.

Referring to FIG. 16, the method for changing a setting of an accesscontrol device 3000 may include the user's terminal 2000 establishing acommunication with the access control device 3000 (S800), the user'sterminal 2000 receiving setting change information (S810), the user'sterminal 2000 receiving manager information (S820), the user's terminal2000 generating a setting change signal (S830), the user's terminal 2000transmitting a setting change signal to the access control device 3000(S840), the access control device 3000 checking the manager information(S850), and changing the settings of the access control device 3000(S860).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 detecting the access control device 3000 toestablish a communication (S800) may be performed.

The user's terminal 2000 may detect a nearby access control device 3000.For example, when the communication between the user's terminal 2000 andthe access control device 3000 is performed through BLE communication,the user's terminal 2000 may receive an advertising signal from theaccess control device 3000 and detect the access control device 3000.After the user's terminal 2000 detects the access control device 3000,the user's terminal 2000 may establish a communication channel with theaccess control device 3000. In this case, when the communication channelis established, the user's terminal 2000 or the access control device3000 may output a notification to the outside.

In this case, the user's terminal 2000 may collect recent connectionrecords and distances from the access control device 3000.

The communication between the user's terminal 2000 and the accesscontrol device 3000 may be performed according to a short-rangecommunication standard such as BLE, Bluetooth, NFC, and Wi-Fi.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 receiving the setting change information (S810) maybe performed.

The user's terminal 2000 may output a screen for receiving the settingchange information through the terminal display unit 2200 and mayreceive information for a setting change performed by the access controldevice 3000 (hereinafter referred to as setting change information). Inthis case, the user's terminal 2000 may display a list of devices ofwhich settings may be changed on the screen. When a device of whichsettings are to be changed is selected from the list of devices, ascreen including setting items to be changed may be displayed on theterminal display unit 2200.

The user's terminal 2000 may receive information for changingcommunication interface settings of the access control device 3000. Forexample, when the access control device 3000 uses the RS-485 standard,the user's terminal 2000 may receive information for changing the valueof baud rate or the like. As another example, when the access controldevice 3000 uses the Wiegand standard, the user's terminal 2000 mayreceive information for changing the Wiegand format, for example, from a26-bit format to a 34-bit format.

Also, the user's terminal 2000 may receive information for changing PINsettings of the access control device 3000. For example, the user'sterminal 2000 may receive information for changing the number of PINdigits.

Also, the user's terminal 2000 may receive information for changingsettings of the display unit 3200 or the voice output unit 3300 of theaccess control device 3000. For example, the user's terminal 2000 mayreceive information for changing settings such that an LED of the accesscontrol device 3000 can output different colors of light depending onvarious situations. As another example, the user's terminal 2000 mayreceive information for changing settings such that a buzzer of theaccess control device 3000 can output different sounds depending onvarious situations.

Also, the user's terminal 2000 may receive information for changing acard type recognizable by the access control device 3000. For example,the user's terminal 2000 may receive information for changing a cardtype recognizable by the access control device 3000 from the Wiegandformat to the Smart Card format.

Also, the user's terminal 2000 may receive information necessary foruser access authentication in the access control device 3000. Forexample, the user's terminal 2000 may receive information that isnecessary for access authentication and that is stored in the accesscontrol device 3000.

Also, the user's terminal 2000 may receive information for updating thefirmware of the access control device 3000. For example, the user'sterminal 2000 may receive information for updating the firmware embeddedin the access control device 3000.

The above-described inputs of the setting change information of theaccess control device 3000 are just examples for convenience ofdescription. Therefore, the present disclosure is not limited thereto,and a typical input type of the setting change information of the accesscontrol device 3000 may be utilized.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 receiving manager information (S820) may beperformed.

The user's terminal 2000 may receive manager information so that only auser having a setting change right can change the settings of the accesscontrol device 3000. For example, the manager information may be amanager password, and the user's terminal 2000 may receive a six-digitpassword.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating a setting change signal (S830) may beperformed.

The user's terminal 2000 may generate the setting change signal on thebasis of the received setting change information. When the settingchange signal is transmitted to the access control device 3000, theaccess control device 3000 is allowed to perform a setting change. Thesetting change signal may include data necessary for the access controldevice 3000 to perform the setting change. Also, the user's terminal2000 may generate a setting change signal including the received managerinformation.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the setting change signal to theaccess control device 3000 (S840) may be performed.

The user's terminal 2000 may transmit, to the access control device3000, the manager information and the setting change signal for changingthe settings of the access control device 3000 according to the settingchange information.

For example, the communication between the user's terminal 2000 and theaccess control device 3000 may be performed according to a short-rangecommunication standard such as BLE, Bluetooth, NFC, and Wi-Fi.

Also, the user's terminal 2000 may not separately transmit the receivedmanager information to the access control device 3000 but may transmitthe setting change signal including the received manager information tothe access control device 3000.

Also, the user's terminal 2000 may transmit the setting change signaland/or the manager information to the access control device 3000 whenthe distance between the user's terminal 2000 and the access controldevice 3000 is less than or equal to a certain distance.

Also, the user's terminal 2000 may transmit the setting change signal tothe access control device 3000, and the access control device 3000 maytransmit a positive acknowledgement signal (ACK) to the user's terminal2000 when the setting change signal is successfully received. Also, theuser's terminal 2000 may transmit the setting change signal to theaccess control device 3000, and the access control device 3000 maytransmit a negative acknowledgement signal (NACK) when the settingchange signal is not successfully received.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 checking the manager information (S850) maybe performed.

The access control device 3000 may receive manager information receivedby the user's terminal 2000 and compare the manager information tomanager information prestored in the storage unit 3500 to determinewhether the received manager information and the prestored managerinformation match. For example, the access control device 3000 mayreceive a manager password received by the user's terminal 2000 andcompare the manager password to a manager password prestored in thestorage unit 3500 to determine whether the received manager password andthe prestored manager password match. When the manager informationreceived by the user's terminal 2000 does not match the managerinformation prestored in the storage unit 3500, the access controldevice 3000 may not change the settings according to the setting changesignal. In this case, the access control device 3000 may transmit anotification message indicating a manager information mismatch to theuser's terminal 2000 or may output an alarm to the outside. When themanager information received by the user's terminal 2000 and the managerinformation prestored in the storage unit 3500 match each other, theaccess control device 3000 may change the settings according to thesetting change signal. In this case, the access control device 3000 maytransmit a notification message indicating a manager information matchto the user's terminal 2000 or may output an alarm to the outside.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 performing a setting change (S860) may beperformed.

When the manager information received by the user's terminal 2000 andthe manager information prestored in the storage unit 3500 match eachother, the access control device 3000 may perform the setting changeaccording to the setting change signal. For example, the access controldevice 3000 may perform the setting change corresponding to the settingchange information through the control unit 3700. Also, the accesscontrol device 3000 may store information included in the setting changesignal in the storage unit 3500 through the control unit 3700.

FIG. 17 is a flowchart of a method for storing biometric informationacquired by a user's terminal 2000 in an access control device 3000according to an embodiment of the present disclosure. The user'sterminal 3000 may receive a user's biometric information, approaches theaccess control device 3000, and store the received biometric informationin the access control device 3000.

Referring to FIG. 17, the method for storing biometric informationacquired by a user's terminal 2000 in the access control device 3000 mayinclude the user's terminal 2000 establishing a communication with theaccess control device 3000 (S900), the user's terminal 2000 acquiringbiometric information (S910), the user's terminal 2000 receiving settingchange information (S920), the user's terminal 2000 receiving managerinformation (S930), the user's terminal 2000 generating a setting changesignal (S940), the user's terminal 2000 transmitting the setting changesignal to the access control device 3000 (S950), the access controldevice 3000 checking the manager information (S960), and storing thebiometric information in the access control device 3000 (S970).

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 establishing a communication with the accesscontrol device 3000 (S900) may be performed.

Step S900 is performed similarly to step S800, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 acquiring biometric information (S910) may beperformed.

For example, the user's terminal 2000 may acquire biometric informationto be stored in the access control device 3000 by receiving thebiometric information from a user through the terminalbiometric-information input unit 2700. When the terminalbiometric-information input unit 2700 is a screen scanner for acquiringa user's fingerprint information, the user's terminal 2000 may receiveand acquire the user's fingerprint information. Also, when the terminalbiometric-information input unit 2700 is a microphone for acquiring auser's voice information, the user's terminal 2000 may receive andacquire the user's voice information. Also, when the terminalbiometric-information input unit 2700 is a camera for acquiring a user'siris information, the user's terminal 2000 may receive and acquire theuser's iris information.

As another example, the user's terminal 2000 may receive and acquire thebiometric information to be stored in the access control device 3000from the server 1000.

Also, the user's terminal 2000 may encrypt the acquired biometricinformation. For example, the user's terminal 2000 may encrypt theacquired biometric information with a public key of the access controldevice 3000.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 receiving setting change information (S920) may beperformed.

Also, the user's terminal 2000 may receive information necessary tostore the biometric information in the access control device 3000. Forexample, the user's terminal 2000 may receive information necessary todetermine which piece of biometric information is to be stored in theaccess control device 3000 from among the acquired biometricinformation.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 receiving manager information (S930) may beperformed.

Step S930 is performed similarly to step S820, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 generating a setting change signal (S940) may beperformed.

The user's terminal 2000 may generate a setting change signal forstoring the biometric information in the access control device 3000 onthe basis of the acquired biometric information. Also, the user'sterminal 2000 may generate a setting change signal including at leastone of the received manager information and the acquired biometricinformation.

According to some embodiments of the present disclosure, the step of theuser's terminal 2000 transmitting the setting change signal to theaccess control device 3000 (S950) may be performed.

The user's terminal 2000 may transmit, to the access control device3000, the manager information and the setting change signal for changingthe settings of the access control device 3000 according to the settingchange information. Also, the user's terminal 2000 may separatelytransmit the acquired biometric information to the access control device3000. For example, the communication between the user's terminal 2000and the access control device 3000 may be performed according to ashort-range communication standard such as BLE, Bluetooth, NFC, andWi-Fi.

Also, the user's terminal 2000 may not transmit the received managerinformation and the acquired biometric information separately from thesetting change signal but may transmit the setting change signalincluding at least one of the received manager information and theacquired biometric information to the access control device 3000.

Also, the user's terminal 2000 may transmit the setting change signal,the manager information, and/or the biometric information to the accesscontrol device 3000 when the distance between the user's terminal 2000and the access control device 3000 is less than or equal to a certaindistance.

Also, the user's terminal 2000 may transmit the setting change signal tothe access control device 3000, and the access control device 3000 maytransmit a positive acknowledgement signal (ACK) to the user's terminal2000 when the setting change signal is successfully received. Also, theuser's terminal 2000 may transmit the setting change signal to theaccess control device 3000, and the access control device 3000 maytransmit a negative acknowledgement signal (NACK) when the settingchange signal is not successfully received.

According to some embodiments of the present disclosure, the step of theaccess control device 3000 checking the manager information (S960) maybe performed.

Step S960 is performed similarly to step S850, which has been describedabove, and thus a detailed description thereof will be omitted.

According to some embodiments of the present disclosure, the step ofstoring the biometric information in the access control device 3000(S970) may be performed.

When the manager information received by the user's terminal 2000 andthe manager information prestored in the storage unit 3500 match eachother, the access control device 3000 may store the biometricinformation received from the user's terminal 2000 in the storage unit3500.

In this case, when the received biometric information is encrypted, theaccess control device 3000 may decrypt the encrypted biometricinformation and store the decrypted biometric information in the storageunit 3500. For example, when the setting change signal including thebiometric information encrypted with the public key of the accesscontrol device 3000 is received from the user's terminal 2000, theaccess control device 3000 may decrypt the biometric information with aprivate key of the access control device 3000 and store the biometricinformation in the storage unit 3500.

The method according to an embodiment may be implemented in the form ofprogram instructions executable by a variety of computer means and maybe recorded on a computer-readable medium. The computer-readable mediummay include program instructions, data files, data structures, and thelike alone or in combination. The program instructions recorded on themedium may be designed and configured specifically for an embodiment ormay be publicly known and usable by those who are skilled in the fieldof computer software. Examples of the computer-readable recording mediuminclude a magnetic medium, such as a hard disk, a floppy disk, and amagnetic tape, an optical medium, such as a compact disc read-onlymemory (CD-ROM), a digital versatile disc (DVD), etc., a magneto-opticalmedium such as a floptical disk, and a hardware device speciallyconfigured to store and perform program instructions, for example, aread-only memory (ROM), a random access memory (RAM), a flash memory,etc. Examples of the computer instructions include not only machinelanguage code generated by a compiler, but also high-level language codeexecutable by a computer using an interpreter or the like. The hardwaredevice may be configured to operate as one or more software units inorder to perform the steps of an embodiment, and vice versa.

According to an embodiment of the present disclosure, a user does nothave to carry a separate authentication means because whether the userhas an access right is determined through the user's terminal, and thusit is possible to increase user convenience.

Also, according to an embodiment of the present disclosure, informationfor performing access authentication does not need to be stored in astorage unit of the access control device and may be stored in a user'sterminal or a server, and thus it is possible to increase the securityof an access control system.

Also, according to an embodiment of the present disclosure, networkingbetween an access control device and a server is not required becauseinformation regarding whether a door is accessed is transmitted to aserver by a user's terminal, and thus it is possible to reduce relatedcost and effort.

Also, according to an embodiment of the present disclosure, a user'sterminal directly changes the settings of an access control devicewithout needing a procedure of changing the settings of the accesscontrol device through networking between the access control device andthe server due to wiring work, and thus it is possible to reduce relatedcost and effort.

Also, according to an embodiment of the present disclosure, in the caseof a door capable of being opened by pressing an opening switch, etc.,when a user presses the switch to access the door, an accessauthentication request may be received. In this case, a user's terminalmay perform access authentication and receive a defined message from aserver. Thus, it is possible to effectively provide an advertisement oran information notification to a user.

Advantageous effects of the invention are not limited to theaforementioned effects, and other advantageous effects that are notdescribed herein will be clearly understood by those skilled in the artfrom the following description and the accompanying drawings.

Although the present disclosure has been described with reference tospecific embodiments and drawings, it will be appreciated that variousmodifications and changes can be made from the disclosure by thoseskilled in the art. For example, appropriate results may be achievedalthough the described techniques are performed in an order differentfrom that described above and/or although the described components suchas a system, a structure, a device, or a circuit are combined in amanner different from that described above and/or replaced orsupplemented by other components or their equivalents.

Therefore, other implementations, embodiments, and equivalents arewithin the scope of the following claims.

What is claimed is:
 1. An access control method performed by a terminalof a user which performs access authentication of the user for enteringa target door around the access control device corresponded to thetarget door, the method comprising: detecting the access control devicein the terminal of the user; establishing a communication channelbetween the detected access control device and the terminal of the user;receiving the identification information from the access control devicethrough the communication channel; checking the target door of theaccess authentication of the user based on the received identificationinformation; and determining whether or not the user is allowed toaccess to the target door based on access right information prestored inthe terminal of the user, wherein the access right information includesat least one of registered user identification information, registeredterminal identification information, registered access control deviceidentification information, access schedule information, and validityperiod information of the access right information.
 2. The accesscontrol method of claim 1, further comprising receiving biometricinformation of the user through the communication channel, wherein thebiometric information of the user is inputted from the user on theaccess control device, and wherein the access right information furtherincludes registered biometric information.
 3. The access control methodof claim 2, wherein the determining whether or not the user is allowedto access to the target door includes: comparing the received biometricinformation of the user with the registered biometric information, anddetermining that the access authentication is successful when biometricinformation of the user is matched to one of the registered biometricinformation.
 4. The access control method of claim 3, wherein theregistered biometric information is corresponded to at least one ofregistered user identification information, registered terminalidentification information, registered access control deviceidentification information, access schedule information, and validityperiod information of the access right information.
 5. The accesscontrol method of claim 4, wherein the access right information furtherincludes the access schedule information corresponded to the registeredbiometric information, and wherein the determining that the accessauthentication is successful when the user's biometric information ismatched to one of the registered biometric information includes:comparing current time with the access schedule information related tothe received biometric information of the user of the access rightinformation, and determining that the access authentication has failedwhen the current time is not included in access schedule.
 6. The accesscontrol method of claim 4, wherein the access right information furtherincludes the registered terminal identification information correspondedto the registered biometric information, and wherein the determiningthat the access authentication is successful when biometric informationof the user is matched to one of the registered biometric informationincludes: comparing identification information of the terminal of theuser with the registered terminal identification information related tothe received biometric information of the user, and determining that theaccess authentication has failed when the identification information ofthe terminal of the user is not matched to one of the registeredterminal identification information corresponded to the receivedbiometric information of the user.
 7. The access control method of claim1, wherein the access right information includes the registered accesscontrol device identification information, and wherein the determiningwhether or not the user is allowed to access to the target doorincludes: comparing the received identification information with theregistered access control device identification information of theaccess right information, and determining that the access authenticationis successful when the received identification information is matched toone of the registered access control device identification information.8. The access control method of claim 7, wherein the registered accesscontrol device identification information is corresponded to at leastone of the registered user identification information, the registeredterminal identification information, the access schedule information,and the validity period information of the access right information. 9.The access control method of claim 8, wherein the access rightinformation further includes the access schedule informationcorresponded to the registered access control device identificationinformation, and wherein the determining that the access authenticationis successful when the received identification information is matched toone of the registered access control device identification informationincludes: comparing current time with the access schedule informationrelated to the received identification information of the access rightinformation, and determining that the access authentication has failedwhen the current time is not included in access schedule.
 10. The accesscontrol method of claim 8, wherein the access right information furtherincludes the registered terminal identification information correspondedto the registered access control device identification information, andwherein the determining that the access authentication is successfulwhen the received identification information is matched to one of theregistered access control device identification information includes:comparing identification information of the terminal of the user withthe registered terminal identification information related to thereceived identification information, and determining that the accessauthentication has failed when the identification information of theterminal of the user is not matched to one of the registered terminalidentification information corresponded to the received identificationinformation.
 11. The access control method of claim 1, wherein theaccess right information includes the validity period information of theaccess right information, and wherein when the access right informationhas expired, the step of the determining whether or not the user isallowed to access to the target door is prevented.
 12. The accesscontrol method of claim 1, further comprising: when the accessauthentication is successful, generating a door opening signal, andtransmitting the door opening signal to the access control device, thedoor opening signal forcing the access control device to perform a dooropening operation.
 13. The access control method of claim 1, wherein theaccess right information is transmitted from a server which manages theaccess right information related to a plurality of doors.
 14. The accesscontrol method of claim 1, further comprising, when the step of thedetermining is completed, generating result information of the accessauthentication.
 15. The access control method of claim 14, furthercomprising transmitting the result information of the accessauthentication to a server which manages the result information of theaccess authentication related to a plurality of users.
 16. The accesscontrol method of claim 1, wherein the target door is selected based ona distance between the detected access control device and the terminalof the user.
 17. The access control method of claim 16, wherein thetarget door is a door installed the detected access control having thedistance between the detected access control device and the terminal ofthe user shorter than a specific distance.
 18. A non-transitorycomputer-readable recording medium having a program recorded thereon forexecuting the method according to claim
 1. 19. An access control devicearound a target door corresponded to the access control device, thedevice comprising: a communication unit configured to establish acommunication channel between the access control device and a terminalof a user; and a control unit configured to transmit, via thecommunication unit, the identification information of the access controldevice for access authentication of the user performed by the terminalof the user based on access right information prestored in the terminalof the user for entering the target door to the terminal of the userthrough the communication channel; wherein the access right informationincludes at least one of registered user identification information,registered terminal identification information, registered accesscontrol device identification information, access schedule information,and validity period information of the access right information.
 20. Theaccess control device of claim 19, further comprising a biometricinformation input unit for receiving biometric information of the user,wherein the control unit is configured to transmit, via thecommunication unit, the biometric information of the user to theterminal of the user through the communication channel, wherein thebiometric information of the user is inputted from the user on theaccess control device, and wherein the access right information furtherincludes registered biometric information.